FS#45460 - [firefox] Build as position independent executable

Attached to Project: Arch Linux
Opened by Alexander Kauer (kaueraal) - Wednesday, 24 June 2015, 19:51 GMT
Last edited by Evangelos Foutras (foutrelis) - Friday, 03 July 2015, 00:29 GMT
Task Type: Feature Request
Category: Packages: Extra
Status: Closed
Assigned To: Jan de Groot (JGC), Ionut Biru (wonder), Evangelos Foutras (foutrelis)
Architecture: All
Severity: Low
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 2
Private: No

Details

Description:
Firefox has had support for ASLR/being built as a position independent executable for some time [1]. Enabling it should result in a better defence in depth against malicious code entering through that channel. As Firefox is one of the largest potential attack surfaces on desktop machines, that change should heighten the security for a lot of users without many drawbacks.
The small potential slowdown through building it as a position independent executable, even on i686, should be outweighed by the additional security.

At least on my amd64 machine Firefox built without issues via simply adding '--enable-pie'.


1: https://hg.mozilla.org/mozilla-central/rev/d38de091ced0#l1.23


Additional info:
* package version(s): 38.0.5-1 and earlier


Steps to reproduce:
Install firefox from the extra-repository and run

$ hardening-check `which firefox`
/usr/bin/firefox:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no, not found!

Closed by Evangelos Foutras (foutrelis)
Friday, 03 July 2015, 00:29 GMT
Reason for closing: Implemented
Additional comments about closing: firefox 39.0-1

Comment by Evangelos Foutras (foutrelis) - Wednesday, 24 June 2015, 21:20 GMT
Thanks, will look into enabling this for Firefox 39 which comes out in a few days.
Comment by patrick (potomac) - Thursday, 25 June 2015, 16:53 GMT
If there is a potential slowdown with this "position independent executable" option then we should check if it's an annoying effect on old PCs.

Do you know if the Windows version of Firefox has this PIE feature?

Have Debian, Ubuntu and other Linux distros also enabled this option by default?
Comment by Alexander Kauer (kaueraal) - Thursday, 25 June 2015, 17:54 GMT
At least Ubuntu has shipped Firefox as a position independent executable since 10.04 LTS, probably via some custom patch [1].
On Arch Linux Chromium is shipped as a position independent executable [2], which should be somewhat comparable.

Most sources [1], [3] cite slowdowns of 5-10% on average with PIE enabled for x86, as it has only few registers. On amd64 PIE shouldn't hurt performance much.
I have no idea what amount of slowdown Firefox actually reaches, but I still think that building Firefox as a position independent executable outweighs that performance penalty.

1: https://wiki.ubuntu.com/Security/Features#Built_as_PIE
2: https://wiki.archlinux.org/index.php/DeveloperWiki:Security#PIE or run 'hardening-check /usr/lib/chromium/chromium'
3: https://nebelwelt.net/publications/12TRpie/gccPIE-TR120614.pdf
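
The ELF properties behind three of the hardening-check lines quoted in the report (position independent executable, read-only relocations, immediate binding), as an added Python example that is not part of the ticket and is not hardening-check's own code. The names `check_elf64` and `build_sample`, the PT_INTERP heuristic for telling a PIE from a shared object, and the constructed sample images are assumptions of this example.

```python
import struct

ET_DYN = 3                                        # e_type used by PIE and shared objects
PT_DYNAMIC, PT_INTERP, PT_GNU_RELRO = 2, 3, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1

def check_elf64(data):
    """Return PIE / RELRO / BIND_NOW status of a little-endian ELF64 image."""
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("expected a little-endian ELF64 image")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    interp = relro = bind_now = False
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, e_phoff + i * e_phentsize)
        interp = interp or p_type == PT_INTERP
        relro = relro or p_type == PT_GNU_RELRO      # "Read-only relocations"
        if p_type != PT_DYNAMIC:
            continue
        for off in range(p_offset, p_offset + p_filesz, 16):
            tag, val = struct.unpack_from("<QQ", data, off)
            if tag == DT_NULL:
                break
            if (tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW)
                    or (tag == DT_FLAGS_1 and val & DF_1_NOW)):
                bind_now = True                      # "Immediate binding"
    # Heuristic (assumption of this example): ET_DYN plus a program interpreter
    # means PIE; ET_DYN without PT_INTERP is treated as a plain shared object.
    return {"pie": e_type == ET_DYN and interp, "relro": relro, "bind_now": bind_now}

def build_sample(e_type, seg_types, dyn_entries):
    """Constructed header-only ELF64 image so the check runs offline."""
    dyn = b"".join(struct.pack("<QQ", t, v) for t, v in dyn_entries + [(DT_NULL, 0)])
    dyn_off = 64 + 56 * len(seg_types)
    ehdr = struct.pack("<4sBBB9xHHIQQQIHHHHHH", b"\x7fELF", 2, 1, 1, e_type, 62, 1,
                       0, 64, 0, 0, 64, 56, len(seg_types), 0, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, 4, dyn_off, 0, 0, len(dyn), len(dyn), 8)
                     for t in seg_types)
    return ehdr + phdrs + dyn

if __name__ == "__main__":
    segs = [PT_INTERP, PT_GNU_RELRO, PT_DYNAMIC]
    # ET_EXEC (2) with RELRO but no BIND_NOW: the state reported for firefox 38.0.5-1
    print(check_elf64(build_sample(2, segs, [])))
    # ET_DYN with DF_BIND_NOW: a PIE build with immediate binding
    print(check_elf64(build_sample(ET_DYN, segs, [(DT_FLAGS, DF_BIND_NOW)])))
```

To check a real binary, pass its bytes: `check_elf64(open("/usr/bin/firefox", "rb").read())`.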
